How to Manage API Keys and Webhooks

API Keys & Webhooks is for developers and technical operators who want to integrate KaiCalls with their own software. An API key is a credential your backend sends with each request to read data such as agents, calls, and related records. A key belongs to a single business, so it can only reach that business's data — keep keys separate from user logins.

• Create and manage API keys for a selected business
• Use keys for programmatic access to agents, calls, and related data
• Configure outbound webhooks that notify your external systems of events
• Keep integration credentials fully separate from user passwords

1. Go to Dashboard > Settings > API Keys.
2. Open the API Keys tab.
3. Select the business the key should belong to. The key is scoped to that business's data only.
4. Create the key and copy it immediately into your secure secret manager — treat it like a password.
5. Use the key only from trusted server-side code, never in a browser.

Webhooks push events from KaiCalls to a URL you control, so your CRM or automation tools can react in real time instead of polling.

1. Open Dashboard > Settings > API Keys.
2. Switch to the Outbound Webhooks tab.
3. Add or update the destination URL for your external system.
4. Save the webhook configuration.
5. Trigger a test event, or run the workflow that should fire the webhook, and confirm your endpoint received it.

• Store keys in a secret manager or environment variable, never in source code.
• Use a different key per integration so you can revoke one without breaking the others.
• Rotate a key by creating a new one, updating your integration to use it, then deleting the old key — this avoids downtime.
• If a key may have leaked, delete it right away; deleting a key immediately stops it from working.
• Have your webhook endpoint serve HTTPS and reject unexpected requests.